nuclei-templates/file/malware/hash/avburner-malware-hash.yaml


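# Nuclei file-protocol template: reports a file whose SHA-256 equals one
# known AVBurner sample hash. This is an exact-match indicator, not a
# behavioural or structural signature.
# NOTE(review): the trailing `# digest:` line is the template signature;
# presumably it stops verifying once this text is edited, so re-sign the
# template before distributing it.
id: avburner-malware-hash

info:
  name: AVBurner Malware Hash - Detect
  author: pussycat0x
  severity: info
  # The earlier description spoke of API calls, hard-coded strings and
  # bytecode patterns. The matcher below checks none of those, so the text
  # now states what is actually evaluated.
  description: >-
    Detects a known AVBurner sample by exact SHA-256 match on the file
    contents. Modified, repacked or rebuilt variants have a different hash
    and are not reported by this template; pair it with the content-based
    YARA rule in the reference for broader coverage.
  reference:
    - https://github.com/volexity/threat-intel/blob/main/2023/2023-03-07%20AVBurner/yara.yar
  tags: malware,snakecharmer

file:
  # "all" disables extension filtering, so every scanned file is hashed.
  - extensions:
      - all

    matchers:
      - type: dsl
        dsl:
          # Single-sample indicator: a no-match result says nothing about
          # other AVBurner builds.
          # NOTE(review): confirm that `raw` holds the complete file for large
          # inputs in the nuclei version in use; a hash over a partial read
          # would never equal the sample hash.
          - "sha256(raw) == '4b1b1a1293ccd2c0fd51075de9376ebb55ab64972da785153fcb0a4eb523a5eb'"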
# digest: 4a0a00473045022100f8477adf4215907bc55dbf7776c940c9881f598394af92e08e20ee0fe90c223a022068b7ba7a4620b470215521a7504c1d8c9b10ea010a003de19217c37f3a23f7f2:922c64590222798bb761d5b6d8e72950